Main key steps
If you are already opening PSSessions on other computers, then there are only two key steps which are different for Azure VMs:
- Add a new inbound rule to the VM‘s Network Security Group
- Change the existing firewall rule on the target computer to accept remote computers outside the local subnet
However, to be sure you didn’t miss something, here are all required steps.
Detailed steps
On your source computer
- Open an elevated command prompt
- Ensure the WinRM service is set to Automatic
Set-Service -Name WinRM -StartupType Automatic
- Ensure the WinRM service is started
Start-Service -Name WinRM
- Authorize your source computer to connect to any target computer
Set-Item -Path WSMAN:\localhost\client\trustedhosts -Value '*'
On the Azure Portal
Add an inbound port rule in the Network Security Group of the VM
- Go to your Virtual Machine’s blade and under SETTINGS select Networking.
- Click on Add inbound port rule
- At the top of the top of the blade ensure that Basic is displayed, or click on Advanced
- On the Add inbound security rule blade make following changes
- In Destination port ranges type 5985
- Select TCP as protocol
- Give a meaningful Name like PSRemoting
On the target VM
- Connect to the target computer with an RDP console
- Ensure PSRemoting is enabled and the computer firewall rules are configured
Enable-PSRemoting
- Change the existing firewall rule to accept remote computers outside the local subnet
Set-NetFirewallRule -Name 'WINRM-HTTP-In-TCP-PUBLIC' -RemoteAddress 'Any'
Open the PSSession
That’s it!
Now connect to your Azure VM like to any other computer.
Enter-PSSession -ComputerName 51.13.14.16 -Credential -\VM_AdminAccount
More about
About Remote Troubleshooting (Microsoft Docs)
Filter network traffic with network security groups (Microsoft Docs)
itluke.online 